ComputerSurge/bind9
3
0
Fork 0
Code Pull Requests 1 Activity
23,542 Commits 589 Branches 805 Tags
faa3b61828dc2c6b92b68cd6e603fe2b9a7d5fdc
Commit Graph

9824 Commits

Author SHA1 Message Date
Tinderbox User
faa3b61828 update copyright notice / whitespace 2015-07-13 23:45:24 +00:00
Mark Andrews
3a49d0ff10 4164. [bug] Don't rename slave files and journals on out of memory. 
[RT #40033]

4163.   [bug]           Address compiler warnings. [RT #40024]
 2015-07-13 09:46:59 +10:00
Mark Andrews
0bc743f9bc 4162. [bug] httpdmgr->flags was not being initialized. [RT #40017] 2015-07-10 18:42:20 +10:00
Tinderbox User
f16a6bfb6c update copyright notice / whitespace 2015-07-09 23:45:22 +00:00
Evan Hunt
fc5f1971a1 [master] fix build error with ISC_MEM_TRACKLINES=0 2015-07-09 14:23:29 -07:00
Evan Hunt
1479200aa0 [master] DDoS mitigation features 
3938.	[func]		Added quotas to be used in recursive resolvers
			that are under high query load for names in zones
			whose authoritative servers are nonresponsive or
			are experiencing a denial of service attack.

			- "fetches-per-server" limits the number of
			  simultaneous queries that can be sent to any
			  single authoritative server.  The configured
			  value is a starting point; it is automatically
			  adjusted downward if the server is partially or
			  completely non-responsive. The algorithm used to
			  adjust the quota can be configured via the
			  "fetch-quota-params" option.
			- "fetches-per-zone" limits the number of
			  simultaneous queries that can be sent for names
			  within a single domain.  (Note: Unlike
			  "fetches-per-server", this value is not
			  self-tuning.)
			- New stats counters have been added to count
			  queries spilled due to these quotas.

			See the ARM for details of these options. [RT #37125]
 2015-07-08 22:53:39 -07:00
Mark Andrews
af63e286dd set error code if aes selected and not implemented 2015-07-08 12:20:46 +10:00
Tinderbox User
9ab5a7d83c update copyright notice / whitespace 2015-07-07 23:45:22 +00:00
Mark Andrews
bd08b82891 add warning not about handling malformed option content 2015-07-07 10:25:09 +10:00
Mark Andrews
46fc714aa0 dig +ednsopt=<invalid> could trigger a assertion failure [RT #39990] 2015-07-06 23:03:51 +10:00
Mukund Sivaraman
33ca26968b Allow RPZ rewrite logging to be configured on a per-zone basis (#39754) 2015-07-06 08:57:51 +05:30
Mark Andrews
3e33f4198d 4154. [bug] A OPT record should be included with the FORMERR 
response when there is a malformed EDNS option.
                        [RT #39647]

4153.   [bug]           Dig should zero non significant +subnet bits.  Check
                        that non significant ECS bits are zero on receipt.
                        [RT #39647]
 2015-07-06 12:52:37 +10:00
Tinderbox User
8f0b326d9a update copyright notice / whitespace 2015-07-05 23:45:22 +00:00
Mark Andrews
ce67023ae3 4152. [func] Implement DNS COOKIE option. This replaces the 
experimental SIT option of BIND 9.10.  The following
                        named.conf directives are avaliable: send-cookie,
                        cookie-secret, cookie-algorithm and nocookie-udp-size.
                        The following dig options are available:
                        +[no]cookie[=value] and +[no]badcookie.  [RT #39928]
 2015-07-06 09:44:24 +10:00
Tinderbox User
85d23eaae8 update copyright notice / whitespace 2015-07-03 23:45:24 +00:00
Mark Andrews
307adf6792 4151. [bug] 'rndc flush' could cause a deadlock. [RT #39835] 2015-07-03 10:17:33 +10:00
Tinderbox User
2bd63eca27 update copyright notice / whitespace 2015-07-01 23:45:22 +00:00
Mark Andrews
753b27a7d3 4150. [bug] win32: listen-on-v6 { any; }; was not working. Apply 
minimal fix.  [RT #39667]
 2015-07-01 11:51:45 +10:00
Tinderbox User
337d408adb update copyright notice / whitespace 2015-06-29 23:45:23 +00:00
Mukund Sivaraman
c44c77178e Fix race in getaddrinfo() in libirs, which caused assertion failure in delv (#39873) 2015-06-29 19:44:42 +05:30
Mukund Sivaraman
08f0129732 Fix a bug printing zone names with '/' character in XML and JSON stats (#39873) 2015-06-29 18:33:18 +05:30
Mark Andrews
4a61eae651 4147. [bug] Filter-aaaa / filter-aaaa-on-v4 / filter-aaaa-on-v6 
was returning referrals rather than nodata responses
                        when the AAAA records were filtered.  [RT #39843]
 2015-06-29 15:48:41 +10:00
Mark Andrews
adbf81335b 4146. [bug] Address reference leak that could prevent a clean 
shutdown. [RT #37125]
 2015-06-25 18:36:27 +10:00
Mark Andrews
2f66e2dd81 4145. [bug] Not all unassociated adb entries where being printed. 
[RT #37125]
 2015-06-25 18:26:59 +10:00
Mukund Sivaraman
8aecc50f0d Remove backwards compatibility grammar (#39845) 
This was not done in the previous merge commit, so that it could be
merged cleanly into release branches.
 2015-06-23 14:23:12 +05:30
Mukund Sivaraman
0439bfedd9 Fix parsing of NZFs saved by rndc addzone with view specified (#39845) 2015-06-23 14:19:48 +05:30
Mark Andrews
d4422ec231 don't use C++ keyword new; use (const char *) for output of strchr((const char *), char) 2015-06-18 11:14:43 +10:00
Mark Andrews
a85c6b35af 4138. [bug] A uninitialized value in validator.c could result 
in a assertion failure. (CVE-2015-4620) [RT #39795]
 2015-06-17 09:13:03 +10:00
Mark Andrews
a8cb6c6fbc add #define check_stale_rdataset check_stale_rdataset64 2015-06-12 11:17:07 +10:00
Mark Andrews
c781d465b6 silence unused parameter warning 2015-06-11 14:03:19 +10:00
Mukund Sivaraman
59a9cb54c1 Propagate stale attribute when updating stats (#39141) 
Squashed commit of the following:

commit 9b5b9fa30fbeba8ee1e95cb1028017230ed4db02
Author: Mukund Sivaraman <muks@isc.org>
Date:   Tue Apr 7 19:30:54 2015 +0530

    Remove double function prototypes

commit f3bb8cc60ae476eaa871ba10330b16425ced2d7c
Author: Mukund Sivaraman <muks@isc.org>
Date:   Tue Apr 7 19:30:34 2015 +0530

    Unify several copies of redundant code into a helper function

commit 4899fb9b2f36fc5d159fa877c0780a442a7cbdb3
Author: Mukund Sivaraman <muks@isc.org>
Date:   Thu Apr 2 00:23:53 2015 +0530

    Propagate stale attribute when updating stats
 2015-06-10 14:04:30 +05:30
Witold Krecicki
f85deb5154 log expired NTA at startup 2015-06-08 13:57:24 +02:00
Tinderbox User
a03c39ef51 update copyright notice / whitespace 2015-06-05 23:45:26 +00:00
Witold Krecicki
8d21d93a6b better logging of RPZ changes RT #39670 2015-06-05 12:24:11 +02:00
Mark Andrews
6c0c85563f update comment as per rt39703 2015-06-05 11:09:35 +10:00
Mark Andrews
8a9bac8dec 4133. [port] Update how various json libraries are handled. 
[RT #39646]
 2015-06-05 10:16:24 +10:00
Tinderbox User
e545fce91b update copyright notice / whitespace 2015-06-04 23:45:25 +00:00
Evan Hunt
8c9fba44a4 [master] further RPZ fixes 
4131.	[bug]		Addressed further problems with reloading RPZ
			zones. [RT #39649]
 2015-06-03 18:18:55 -07:00
Mark Andrews
e0fea0bf85 silence coverity warnings 2015-05-30 17:44:52 +10:00
Mark Andrews
03089dd420 add INSIST to silence coverity 2015-05-30 17:37:14 +10:00
Mark Andrews
4e056cee66 unsigned constants 2015-05-29 11:26:13 +10:00
Tinderbox User
431e5c81db update copyright notice / whitespace 2015-05-28 23:45:24 +00:00
Evan Hunt
2bb245e04a [master] typo in comment 2015-05-28 15:04:40 -07:00
Mark Andrews
38c19e5779 4130. [bug] The compatability shim for *printf() misprinted some 
large numbers. [RT #39586]
 2015-05-29 07:21:49 +10:00
Mark Andrews
8bb630c751 4129. [port] Address API changes in OpenSSL 1.1.0. [RT #39532] 2015-05-28 14:41:21 +10:00
Mark Andrews
e53e202ef3 4128. [bug] Address issues raised by Coverity 7.6. [RT #39537] 2015-05-28 13:17:07 +10:00
Tinderbox User
3813d22587 update copyright notice / whitespace 2015-05-27 23:45:25 +00:00
Mark Andrews
e7b7ede003 add dns_zone_cdscheck 2015-05-27 16:17:54 +10:00
Mark Andrews
598b502695 4127. [protocol] CDS and CDNSKEY need to be signed by the key signing 
key as per RFC 7344, Section 4.1. [RT #37215]
 2015-05-27 15:25:45 +10:00
Evan Hunt
a32b6291aa [master] address regression 
4126.	[bug]		Addressed a regression introduced in change #4121.
			[RT #39611]
 2015-05-26 19:11:08 -07:00